Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91602BE/38218332A21D11E99C9DC77DC4F9AE02/5722DE6A5BD211EF992CFC15C4F9AE02.roa
File: 5722DE6A5BD211EF992CFC15C4F9AE02.roa (raw, json)
Hash identifier: qXclsIZ/o6LbSbrarDThyR8nOztl7IgOQdTIOwzSiNU=
Subject key identifier: 02:49:92:6A:0C:40:56:91:97:CE:7F:66:A9:9E:DE:2E:D8:CC:4A:5A
Certificate issuer: /CN=A91602BE/serialNumber=17F951844051448C89061404CFB41EAAE0473A7A
Certificate serial: 0DC7
Authority key identifier: 17:F9:51:84:40:51:44:8C:89:06:14:04:CF:B4:1E:AA:E0:47:3A:7A
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F_lRhEBRRIyJBhQEz7QequBHOno.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91602BE/38218332A21D11E99C9DC77DC4F9AE02/5722DE6A5BD211EF992CFC15C4F9AE02.roa
Signing time: Fri 16 Aug 2024 13:20:44 +0000
ROA not before: Fri 16 Aug 2024 13:20:44 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 136787
IP address blocks: 103.86.96.0/24 maxlen: 24
103.86.99.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3527 (0xdc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91602BE
Validity
Not Before: Aug 16 13:20:44 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=66bf522b-195a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a0:65:67:ae:8f:d5:32:5f:46:ec:48:80:97:
a0:da:e4:ae:6f:26:0f:cb:92:0c:bf:42:b6:b4:3a:
d7:e1:0d:02:00:56:04:3c:18:1e:36:3d:a7:25:d9:
c6:23:3c:4e:46:63:60:5f:4c:40:dd:15:05:0f:03:
ba:d1:6d:f4:b8:0e:8e:ce:0c:39:0b:73:1c:4b:f0:
c0:51:af:a4:79:b7:05:cf:d8:35:2f:85:c1:ab:e2:
17:24:76:69:85:76:32:ff:10:db:6a:3b:75:3a:17:
16:5e:cc:50:92:91:f7:7f:ed:44:2c:46:16:46:7a:
29:bb:06:c1:5d:d3:17:b2:62:c4:9f:cb:4e:1f:95:
8e:75:e9:9a:0f:3c:43:4d:ae:78:f4:ab:d1:d4:20:
ee:47:cf:e4:d7:5f:d0:eb:e1:1c:13:bf:40:42:e5:
b0:d7:71:41:5e:f0:97:7d:4a:d8:ee:9b:62:bd:7d:
26:f6:d2:db:8b:64:09:21:a4:88:71:4d:9f:3f:19:
51:d2:14:e8:cb:ab:c4:fd:eb:36:6b:63:dc:da:39:
ee:87:67:4c:40:ce:f9:f4:16:dd:d5:12:be:88:7b:
63:1b:19:4e:5f:d1:28:29:2a:dc:a9:f9:df:4d:ee:
8e:9c:60:ec:70:6e:87:0d:3f:7a:b1:9b:b9:e7:72:
73:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:49:92:6A:0C:40:56:91:97:CE:7F:66:A9:9E:DE:2E:D8:CC:4A:5A
X509v3 Authority Key Identifier:
keyid:17:F9:51:84:40:51:44:8C:89:06:14:04:CF:B4:1E:AA:E0:47:3A:7A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91602BE/38218332A21D11E99C9DC77DC4F9AE02/F_lRhEBRRIyJBhQEz7QequBHOno.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/F_lRhEBRRIyJBhQEz7QequBHOno.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91602BE/38218332A21D11E99C9DC77DC4F9AE02/5722DE6A5BD211EF992CFC15C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.86.96.0/24
103.86.99.0/24
Signature Algorithm: sha256WithRSAEncryption
84:de:d9:fb:e6:d7:cf:b2:07:fb:e9:27:3c:24:ad:c5:fc:ce:
d8:c3:db:69:f6:65:1a:39:88:5f:6d:04:77:06:a7:77:93:5a:
2f:41:6b:a6:eb:d1:6a:5c:b2:cb:fa:d1:da:b4:5f:56:cb:85:
2d:80:04:bc:30:4c:d1:06:43:66:c8:0b:43:a8:9a:e0:85:6e:
16:2e:fd:8c:02:d8:c0:a4:b2:7e:71:c3:09:fb:28:94:80:ff:
33:75:42:9a:04:ed:40:20:30:84:17:f1:f0:6c:8c:d0:0e:68:
db:15:8b:1a:3c:9b:e1:b4:7d:83:fb:05:a9:a4:8b:7f:52:23:
f9:be:6a:ff:6e:c9:cf:9f:cb:61:1c:08:aa:ba:04:f9:8f:0a:
b2:8d:9a:be:25:e6:b5:d9:90:27:26:e3:ef:bb:5e:fe:0a:ab:
19:e6:54:63:35:e6:3c:cf:ad:f7:af:9d:4c:76:5a:52:34:fc:
e2:f0:dd:70:f2:13:4e:8d:71:89:73:04:91:21:3d:dc:44:b7:
62:02:45:8f:15:74:11:6c:ad:e9:ef:50:74:fd:dd:10:a1:cc:
f7:c7:e2:1b:64:51:d4:9a:64:31:c7:48:d8:1e:7e:28:b5:79:
1e:1b:e2:73:01:12:55:a7:fd:e5:0d:57:df:4d:b4:92:6c:e6:
de:c5:63:42
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgICDccwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NjAyQkUxMTAvBgNVBAUTKDE3Rjk1MTg0NDA1MTQ0OEM4OTA2MTQwNENGQjQxRUFB
RTA0NzNBN0EwHhcNMjQwODE2MTMyMDQ0WhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NmJmNTIyYi0xOTVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEA0KBlZ66P1TJfRuxIgJeg2uSubyYPy5IMv0K2tDrX4Q0CAFYEPBgeNj2nJdnG
IzxORmNgX0xA3RUFDwO60W30uA6Ozgw5C3McS/DAUa+kebcFz9g1L4XBq+IXJHZp
hXYy/xDbajt1OhcWXsxQkpH3f+1ELEYWRnopuwbBXdMXsmLEn8tOH5WOdemaDzxD
Ta549KvR1CDuR8/k11/Q6+EcE79AQuWw13FBXvCXfUrY7ptivX0m9tLbi2QJIaSI
cU2fPxlR0hToy6vE/es2a2Pc2jnuh2dMQM759Bbd1RK+iHtjGxlOX9EoKSrcqfnf
Te6OnGDscG6HDT96sZu553JzcQIDAQABo4ICmzCCApcwHQYDVR0OBBYEFAJJkmoM
QFaRl85/Zqme3i7YzEpaMB8GA1UdIwQYMBaAFBf5UYRAUUSMiQYUBM+0HqrgRzp6
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MDJCRS8zODIxODMzMkEy
MUQxMUU5OUM5REM3N0RDNEY5QUUwMi9GX2xSaEVCUlJJeUpCaFFFejdRZXF1QkhP
bm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0ZfbFJoRUJSUkl5SkJoUUV6N1FlcXVCSE9uby5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NjAyQkUvMzgyMTgzMzJBMjFEMTFFOTlDOURDNzdEQzRGOUFFMDIvNTcyMkRFNkE1
QkQyMTFFRjk5MkNGQzE1QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwJQYIKwYBBQUHAQcBAf8E
FjAUMBIEAgABMAwDBABnVmADBABnVmMwDQYJKoZIhvcNAQELBQADggEBAITe2fvm
18+yB/vpJzwkrcX8ztjD22n2ZRo5iF9tBHcGp3eTWi9Ba6br0Wpcssv60dq0X1bL
hS2ABLwwTNEGQ2bIC0OomuCFbhYu/YwC2MCksn5xwwn7KJSA/zN1QpoE7UAgMIQX
8fBsjNAOaNsVixo8m+G0fYP7Bamki39SI/m+av9uyc+fy2EcCKq6BPmPCrKNmr4l
5rXZkCcm4++7Xv4KqxnmVGM15jzPrfevnUx2WlI0/OLw3XDyE06NcYlzBJEhPdxE
t2ICRY8VdBFsrenvUHT93RChzPfH4htkUdSaZDHHSNgefii1eR4b4nMBElWn/eUN
V99NtJJs5t7FY0I=
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:39:44 2025 by rpki-client